From: Lennart Poettering <lennart@poettering.net>
Date: Wed, 22 Feb 2023 22:10:25 +0000 (+0100)
Subject: memory-util: add a concept for gcc cleanup attribute based array destruction
X-Git-Tag: v254-rc1~1182^2~1
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=ff3f1464ec2dd40c9d8eb92e1474cb4d1c8c676b;p=thirdparty%2Fsystemd.git

memory-util: add a concept for gcc cleanup attribute based array destruction
---

diff --git a/src/basic/alloc-util.h b/src/basic/alloc-util.h
index bf783b15a22..9a62381df1d 100644
--- a/src/basic/alloc-util.h
+++ b/src/basic/alloc-util.h
@@ -15,6 +15,7 @@
 
 typedef void (*free_func_t)(void *p);
 typedef void* (*mfree_func_t)(void *p);
+typedef void (*free_array_func_t)(void *p, size_t n);
 
 /* If for some reason more than 4M are allocated on the stack, let's abort immediately. It's better than
  * proceeding and smashing the stack limits. Note that by default RLIMIT_STACK is 8M on Linux. */
diff --git a/src/basic/memory-util.h b/src/basic/memory-util.h
index 428ccc210cd..d03d52cd438 100644
--- a/src/basic/memory-util.h
+++ b/src/basic/memory-util.h
@@ -111,3 +111,37 @@ static inline void erase_and_freep(void *p) {
 static inline void erase_char(char *p) {
         explicit_bzero_safe(p, sizeof(char));
 }
+
+/* An automatic _cleanup_-like logic for destroy arrays (i.e. pointers + size) when leaving scope */
+struct ArrayCleanup {
+        void **parray;
+        size_t *pn;
+        free_array_func_t pfunc;
+};
+
+static inline void array_cleanup(struct ArrayCleanup *c) {
+        assert(c);
+
+        assert(!c->parray == !c->pn);
+
+        if (!c->parray)
+                return;
+
+        if (*c->parray) {
+                assert(c->pfunc);
+                c->pfunc(*c->parray, *c->pn);
+                *c->parray = NULL;
+        }
+
+        *c->pn = 0;
+}
+
+#define CLEANUP_ARRAY(array, n, func)                                   \
+        _cleanup_(array_cleanup) _unused_ struct ArrayCleanup CONCATENATE(_cleanup_array_, UNIQ) = { \
+                .parray = (void**) &(array),                            \
+                .pn = &(n),                                             \
+                .pfunc = (free_array_func_t) ({                         \
+                                void (*_f)(typeof(array[0]) *a, size_t b) = func; \
+                                _f;                                     \
+                        }),                                             \
+        }
diff --git a/src/test/test-memory-util.c b/src/test/test-memory-util.c
index 241f46c0d04..2f8384ac09b 100644
--- a/src/test/test-memory-util.c
+++ b/src/test/test-memory-util.c
@@ -15,4 +15,41 @@ TEST(eqzero) {
         assert_se(!eqzero(longer));
 }
 
+static void my_destructor(struct iovec *iov, size_t n) {
+        /* not really a destructor, just something we can use to check if the destruction worked */
+        memset(iov, 'y', sizeof(struct iovec) * n);
+}
+
+TEST(cleanup_array) {
+        struct iovec *iov, *saved_iov;
+        size_t n, saved_n;
+
+        n = 7;
+        iov = new(struct iovec, n);
+        assert_se(iov);
+
+        memset(iov, 'x', sizeof(struct iovec) * n);
+
+        saved_iov = iov;
+        saved_n = n;
+
+        {
+                assert_se(memeqbyte('x', saved_iov, sizeof(struct iovec) * saved_n));
+                assert_se(iov);
+                assert_se(n > 0);
+
+                CLEANUP_ARRAY(iov, n, my_destructor);
+
+                assert_se(memeqbyte('x', saved_iov, sizeof(struct iovec) * saved_n));
+                assert_se(iov);
+                assert_se(n > 0);
+        }
+
+        assert_se(memeqbyte('y', saved_iov, sizeof(struct iovec) * saved_n));
+        assert_se(!iov);
+        assert_se(n == 0);
+
+        free(saved_iov);
+}
+
 DEFINE_TEST_MAIN(LOG_INFO);